Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Thread Tools Display Modes
  #1   (View Single Post)  
Old 13th May 2015
J65nko J65nko is offline
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,503
Default Extremely serious virtual machine bug threatens cloud providers everywhere

From http://arstechnica.com/security/2015...rs-everywhere/

There's an extremely critical bug in the Xen, KVM, and native QEMU virtual machine platforms and appliances that makes it possible for attackers to break out of protected guest environments and take full control of the operating system hosting them, security researchers warned Wednesday.

The vulnerability is serious because it pierces a key protection that many cloud service providers use to segregate one customer's data from another's. If attackers with access to one virtualized environment can escape to the underlying operating system, they could potentially access all other virtual environments.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 13th May 2015
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102

Originally Posted by J65nko View Post
I don't get how is this a news? With exception of Xen which makes some effort to be security conscience other two projects are insecure by default. Qemu is userland virtualization technology which is good for playing with software but nobody in right mind should use that. KVM which by the way I use in my Lab has nothing to do with security. It is just a convenient way to make people feel like they have their own machine even though in reality they don't have it.
Reply With Quote
  #3   (View Single Post)  
Old 14th May 2015
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
Join Date: May 2008
Location: USA
Posts: 6,179

Originally Posted by Oko View Post
I don't get how is this a news?
It's news because it is suddenly very clear and unambiguous that a virtual machine can assume control of its host, and all that this entails. It's news because of our global civilization's reliance upon cloud computing.

VMs became ubiquitous during the 1990s for scaling server infrastructure, and in the 2000s VM dynamic management facilities enabled cloud computing services. Which all of us rely upon, whether we are aware of it or not. Do you use a bank? Do you shop at a store? Post a letter? Even people who don't have or use computers are dependent on cloud computing. All of us use services available in our societies, and those services may depend upon cloud computing, or rely upon service providers who depend upon such services.

VMs have been part of computing since 1972, and operational factors have been a consideration ever since. But focus and attention have mainly been on resource management, performance, and operational stability, not on security.

Last edited by jggimi; 14th May 2015 at 12:25 PM. Reason: typo, clarity
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
KVM Virtual Machine network configuration J65nko Other BSD and UNIX/UNIX-like 3 2nd December 2014 06:00 AM
Networking on virtual machine satimis General software and network 4 29th November 2008 02:16 PM
USB support in virtual machine? Sunnz OpenBSD Packages and Ports 2 16th November 2008 04:00 AM
highly secure virtual machine uptonm OpenBSD Security 26 28th July 2008 10:10 PM
Extract ISO under OpenVZ virtual machine stukov Other BSD and UNIX/UNIX-like 1 14th May 2008 09:46 PM

All times are GMT. The time now is 11:48 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick